Nearly half of all data breaches occur when ID-theft criminals access information because we lost a device. In fact, nearly 41 percent of all data breach events from 2005 through 2015 were caused by lost devices such as laptops, tablets and smartphones, according to a new TrendMicro report.

TrendMicro’s analysis included data breaches by business sector, and one of the significant findings was that missing devices and untrustworthy insiders made the health-care industry responsible for more data breaches than any other business sector in the last 10 years. To gain a security expert’s perspective on reducing the impact of lost or stolen devices, I reached out to Alan Saquella, a member of the Merchants ID Theft Advisory Board that I co-chair and the Western region manager of security/investigations for Cox Communications.

“The two things that we do at Cox to prevent and/or minimize lost devices is to implement a required, annual training on privacy and security, which is tracked by employee for compliance,” he said. In addition to education, “all devices are tracked with GPS and/or CompuTrace (a laptop tracking software) and so far, we have been very successful in recovering lost or stolen equipment,” Saquella said.

To help you understand where the major risk areas are beyond lost devices, TrendMicro reported that data breach events happen in the following ways:

  • 25 percent of breaches were caused by hacking and malware
  • 17.4 percent of breaches were caused by unintentional disclosure (not including lost devices)
  • 12 percent of breaches were caused by malicious insider leaks

The report said that that health-care business sector was the largest target, accounting for 26.9 percent of data breaches this decade, followed by education (16.8 percent), government (15.9 percent) and retail (12.5 percent). At the same time “healthcare had a significant insider leak problem (17.5 percent of its breaches). Insider leaks were the primary source of identity theft cases (44.2 percent) and healthcare was hit harder by identity theft than any other sector, accounting for 29.8 percent of cases.”

While IT and hacking are the sizzle that continues to create data breach headlines, the truth is, most events are caused by device loss and the insider threat. While attackers certainly target personal identifiable information, credentials, more specifically the credentials of a network administrator, can be more lucrative. Administrator level credentials can provide attackers with the ability exploit an entire organization in an attempt to gain valuable Intellectual property such as trade secrets, or copywritten works. Although retailers have suffered many major losses as the result of data breach events, the most affected industry is the health-care sector.

Mark’s Most Important: Realize that devices will be lost, thus your organization needs to take steps to minimize the sensitive information contained on these devices, encrypt the data when it cannot be avoided, track and retrieve the devices when necessary, and remotely wipe devices if all else fails.

Mark Pribish is vice president and ID-theft practice leader at Merchants Information Solutions Inc., an ID theft-background screening company based in Phoenix. Contact him at

This article was originally published on and republished with the author’s permission.

Merchants Information Solutions is a proud sponsors and provides financial support to the ITRC. For more information on the ITRC’s financial support relationships please see our sponsorship policy.